def create_public_ipv4_port(user_id, network=None, address=None,
category="user"):
"""Create a port in a public IPv4 network.
Create a port in a public IPv4 network (that may also have an IPv6
subnet). If the category is 'user' or 'default' this will try to use
one of the users floating IPs. If the category is 'admin' will
create a port to the public network (without floating IPs or quotas).
"""
if category in ["user", "default"]:
if address is None:
ipaddress = ips.get_free_floating_ip(user_id, network)
else:
ipaddress = util.get_floating_ip_by_address(user_id, address,
for_update=True)
elif category == "admin":
if network is None:
ipaddress = ips.allocate_public_ip(user_id)
else:
ipaddress = ips.allocate_ip(network, user_id)
else:
raise ValueError("Unknown category: %s" % category)
if network is None:
network = ipaddress.network
return _create_port(user_id, network, use_ipaddress=ipaddress)
def create_port(credentials, network_id, machine_id=None,
address=None, name="", security_groups=None,
device_owner=None):
user_id = credentials.userid
vm = None
if machine_id is not None:
vm = util.get_vm(machine_id, credentials,
for_update=True, non_deleted=True, non_suspended=True)
if vm.nics.count() == settings.GANETI_MAX_NICS_PER_INSTANCE:
raise faults.BadRequest("Maximum ports per server limit reached")
network = util.get_network(network_id, credentials,
non_deleted=True, for_update=True)
ipaddress = None
if network.public:
# Creating a port to a public network is only allowed if the user has
# already a floating IP address in this network which is specified
# as the fixed IP address of the port
if address is None:
msg = ("'fixed_ips' attribute must contain a floating IP address"
" in order to connect to a public network.")
raise faults.BadRequest(msg)
ipaddress = util.get_floating_ip_by_address(credentials,
address,
for_update=True)
port = _create_port(user_id, network, machine=vm, use_ipaddress=ipaddress,
name=name,
security_groups=security_groups,
device_owner=device_owner)
log.info("User %s created port %s, network: %s, machine: %s, ip: %s",
user_id, port.id, network, vm, ipaddress)
return port
def create_public_ipv4_port(user_id,
network=None,
address=None,
category="user"):
"""Create a port in a public IPv4 network.
Create a port in a public IPv4 network (that may also have an IPv6
subnet). If the category is 'user' or 'default' this will try to use
one of the users floating IPs. If the category is 'admin' will
create a port to the public network (without floating IPs or quotas).
"""
if category in ["user", "default"]:
if address is None:
ipaddress = ips.get_free_floating_ip(user_id, network)
else:
ipaddress = util.get_floating_ip_by_address(user_id,
address,
for_update=True)
elif category == "admin":
if network is None:
ipaddress = ips.allocate_public_ip(user_id)
else:
ipaddress = ips.allocate_ip(network, user_id)
else:
raise ValueError("Unknown category: %s" % category)
if network is None:
network = ipaddress.network
return _create_port(user_id, network, use_ipaddress=ipaddress)
def remove_floating_ip(request, vm, args):
address = args.get("address")
if address is None:
raise faults.BadRequest("Missing 'address' attribute")
floating_ip = util.get_floating_ip_by_address(vm.userid, address,
for_update=True)
if floating_ip.nic is None:
raise faults.BadRequest("Floating IP %s not attached to instance"
% address)
servers.delete_port(floating_ip.nic)
return HttpResponse(status=202)
def add_floating_ip(request, vm, args):
address = args.get("address")
if address is None:
raise faults.BadRequest("Missing 'address' attribute")
userid = vm.userid
floating_ip = util.get_floating_ip_by_address(userid, address,
for_update=True)
servers.create_port(userid, floating_ip.network, machine=vm,
user_ipaddress=floating_ip)
return HttpResponse(status=202)
def add_floating_ip(server_id, address, credentials):
vm = util.get_vm(server_id, credentials,
for_update=True, non_deleted=True, non_suspended=True)
floating_ip = util.get_floating_ip_by_address(
credentials, address, for_update=True)
userid = vm.userid
_create_port(userid, floating_ip.network, machine=vm,
use_ipaddress=floating_ip)
log.info("User %s attached floating IP %s to VM %s, address: %s,"
" network %s", credentials.userid, floating_ip.id, vm.id,
floating_ip.address, floating_ip.network_id)
def remove_floating_ip(request, vm, args):
address = args.get("address")
if address is None:
raise faults.BadRequest("Missing 'address' attribute")
floating_ip = util.get_floating_ip_by_address(vm.userid,
request.user_projects, address, for_update=True)
if floating_ip.nic is None:
raise faults.BadRequest("Floating IP %s not attached to instance"
% address)
servers.delete_port(floating_ip.nic)
log.info("User %s detached floating IP %s from VM %s",
request.user_uniq, floating_ip.id, vm.id)
return HttpResponse(status=202)
def add_floating_ip(request, vm, args):
address = args.get("address")
if address is None:
raise faults.BadRequest("Missing 'address' attribute")
userid = vm.userid
floating_ip = util.get_floating_ip_by_address(userid,
request.user_projects, address, for_update=True)
servers.create_port(userid, floating_ip.network, machine=vm,
user_ipaddress=floating_ip)
log.info("User %s attached floating IP %s to VM %s, address: %s,"
" network %s", request.user_uniq, floating_ip.id, vm.id,
floating_ip.address, floating_ip.network_id)
return HttpResponse(status=202)
def create_port(credentials,
network_id,
machine_id=None,
address=None,
name="",
security_groups=None,
device_owner=None):
user_id = credentials.userid
vm = None
if machine_id is not None:
vm = util.get_vm(machine_id,
credentials,
for_update=True,
non_deleted=True,
non_suspended=True)
if vm.nics.count() == settings.GANETI_MAX_NICS_PER_INSTANCE:
raise faults.BadRequest("Maximum ports per server limit reached")
network = util.get_network(network_id,
credentials,
non_deleted=True,
for_update=True)
ipaddress = None
if network.public:
# Creating a port to a public network is only allowed if the user has
# already a floating IP address in this network which is specified
# as the fixed IP address of the port
if address is None:
msg = ("'fixed_ips' attribute must contain a floating IP address"
" in order to connect to a public network.")
raise faults.BadRequest(msg)
ipaddress = util.get_floating_ip_by_address(credentials,
address,
for_update=True)
port = _create_port(user_id,
network,
machine=vm,
use_ipaddress=ipaddress,
name=name,
security_groups=security_groups,
device_owner=device_owner)
log.info("User %s created port %s, network: %s, machine: %s, ip: %s",
user_id, port.id, network, vm, ipaddress)
return port
def add_floating_ip(server_id, address, credentials):
vm = util.get_vm(server_id,
credentials,
for_update=True,
non_deleted=True,
non_suspended=True)
floating_ip = util.get_floating_ip_by_address(credentials,
address,
for_update=True)
userid = vm.userid
_create_port(userid,
floating_ip.network,
machine=vm,
use_ipaddress=floating_ip)
log.info(
"User %s attached floating IP %s to VM %s, address: %s,"
" network %s", credentials.userid, floating_ip.id, vm.id,
floating_ip.address, floating_ip.network_id)
def remove_floating_ip(server_id, address, credentials):
vm = util.get_vm(server_id, credentials,
for_update=True, non_deleted=True, non_suspended=True)
# This must be replaced by proper permission handling
# This is currently needed to allow the user to remove a shared IP from a
# VM that does not belong to the user, nor it is shared to a common
# project.
ip_credentials = api.Credentials(vm.userid, credentials.user_projects)
floating_ip = util.get_floating_ip_by_address(
ip_credentials, address, for_update=True)
if floating_ip.nic is None:
raise faults.BadRequest("Floating IP %s not attached to instance"
% address)
_delete_port(floating_ip.nic)
log.info("User %s detached floating IP %s from VM %s",
credentials.userid, floating_ip.id, vm.id)
def remove_floating_ip(server_id, address, credentials):
vm = util.get_vm(server_id,
credentials,
for_update=True,
non_deleted=True,
non_suspended=True)
# This must be replaced by proper permission handling
# This is currently needed to allow the user to remove a shared IP from a
# VM that does not belong to the user, nor it is shared to a common
# project.
ip_credentials = api.Credentials(vm.userid, credentials.user_projects)
floating_ip = util.get_floating_ip_by_address(ip_credentials,
address,
for_update=True)
if floating_ip.nic is None:
raise faults.BadRequest("Floating IP %s not attached to instance" %
address)
_delete_port(floating_ip.nic)
log.info("User %s detached floating IP %s from VM %s", credentials.userid,
floating_ip.id, vm.id)
def create_port(request):
user_id = request.user_uniq
req = api.utils.get_json_body(request)
log.debug("User: %s, Action: create_port, Request: %s", user_id, req)
port_dict = api.utils.get_attribute(req, "port", attr_type=dict)
net_id = api.utils.get_attribute(port_dict,
"network_id",
attr_type=(basestring, int))
device_id = api.utils.get_attribute(port_dict,
"device_id",
required=False,
attr_type=(basestring, int))
vm = None
if device_id is not None:
vm = util.get_vm(device_id,
user_id,
request.user_projects,
for_update=True,
non_deleted=True,
non_suspended=True)
# Check if the request contains a valid IPv4 address
fixed_ips = api.utils.get_attribute(port_dict,
"fixed_ips",
required=False,
attr_type=list)
if fixed_ips is not None and len(fixed_ips) > 0:
if len(fixed_ips) > 1:
msg = "'fixed_ips' attribute must contain only one fixed IP."
raise faults.BadRequest(msg)
fixed_ip = fixed_ips[0]
if not isinstance(fixed_ip, dict):
raise faults.BadRequest("Invalid 'fixed_ips' field.")
fixed_ip_address = fixed_ip.get("ip_address")
if fixed_ip_address is not None:
try:
ip = ipaddr.IPAddress(fixed_ip_address)
if ip.version == 6:
msg = "'ip_address' can be only an IPv4 address'"
raise faults.BadRequest(msg)
except ValueError:
msg = "%s is not a valid IPv4 Address" % fixed_ip_address
raise faults.BadRequest(msg)
else:
fixed_ip_address = None
network = util.get_network(net_id,
user_id,
request.user_projects,
non_deleted=True,
for_update=True)
ipaddress = None
if network.public:
# Creating a port to a public network is only allowed if the user has
# already a floating IP address in this network which is specified
# as the fixed IP address of the port
if fixed_ip_address is None:
msg = ("'fixed_ips' attribute must contain a floating IP address"
" in order to connect to a public network.")
raise faults.BadRequest(msg)
ipaddress = util.get_floating_ip_by_address(user_id,
request.user_projects,
fixed_ip_address,
for_update=True)
elif fixed_ip_address:
ipaddress = ips.allocate_ip(network, user_id, address=fixed_ip_address)
name = api.utils.get_attribute(port_dict,
"name",
required=False,
attr_type=basestring)
if name is None:
name = ""
security_groups = api.utils.get_attribute(port_dict,
"security_groups",
required=False,
attr_type=list)
#validate security groups
# like get security group from db
sg_list = []
if security_groups:
for gid in security_groups:
try:
sg = util.get_security_group(int(gid))
except (KeyError, ValueError):
raise faults.BadRequest("Invalid 'security_groups' field.")
sg_list.append(sg)
new_port = servers.create_port(user_id,
network,
use_ipaddress=ipaddress,
machine=vm,
name=name)
log.info("User %s created port %s, network: %s, machine: %s, ip: %s",
user_id, new_port.id, network, vm, ipaddress)
response = render_port(request, port_to_dict(new_port), status=201)
return response
def create_port(request):
user_id = request.user_uniq
req = api.utils.get_json_body(request)
log.info('create_port user: %s request: %s', user_id, req)
port_dict = api.utils.get_attribute(req, "port", attr_type=dict)
net_id = api.utils.get_attribute(port_dict, "network_id",
attr_type=(basestring, int))
device_id = api.utils.get_attribute(port_dict, "device_id", required=False,
attr_type=(basestring, int))
vm = None
if device_id is not None:
vm = util.get_vm(device_id, user_id, for_update=True, non_deleted=True,
non_suspended=True)
# Check if the request contains a valid IPv4 address
fixed_ips = api.utils.get_attribute(port_dict, "fixed_ips", required=False,
attr_type=list)
if fixed_ips is not None and len(fixed_ips) > 0:
if len(fixed_ips) > 1:
msg = "'fixed_ips' attribute must contain only one fixed IP."
raise faults.BadRequest(msg)
fixed_ip = fixed_ips[0]
if not isinstance(fixed_ip, dict):
raise faults.BadRequest("Invalid 'fixed_ips' field.")
fixed_ip_address = fixed_ip.get("ip_address")
if fixed_ip_address is not None:
try:
ip = ipaddr.IPAddress(fixed_ip_address)
if ip.version == 6:
msg = "'ip_address' can be only an IPv4 address'"
raise faults.BadRequest(msg)
except ValueError:
msg = "%s is not a valid IPv4 Address" % fixed_ip_address
raise faults.BadRequest(msg)
else:
fixed_ip_address = None
network = util.get_network(net_id, user_id, non_deleted=True,
for_update=True)
ipaddress = None
if network.public:
# Creating a port to a public network is only allowed if the user has
# already a floating IP address in this network which is specified
# as the fixed IP address of the port
if fixed_ip_address is None:
msg = ("'fixed_ips' attribute must contain a floating IP address"
" in order to connect to a public network.")
raise faults.BadRequest(msg)
ipaddress = util.get_floating_ip_by_address(user_id, fixed_ip_address,
for_update=True)
elif fixed_ip_address:
ipaddress = ips.allocate_ip(network, user_id,
address=fixed_ip_address)
name = api.utils.get_attribute(port_dict, "name", required=False,
attr_type=basestring)
if name is None:
name = ""
security_groups = api.utils.get_attribute(port_dict,
"security_groups",
required=False,
attr_type=list)
#validate security groups
# like get security group from db
sg_list = []
if security_groups:
for gid in security_groups:
try:
sg = util.get_security_group(int(gid))
except (KeyError, ValueError):
raise faults.BadRequest("Invalid 'security_groups' field.")
sg_list.append(sg)
new_port = servers.create_port(user_id, network, use_ipaddress=ipaddress,
machine=vm, name=name)
response = render_port(request, port_to_dict(new_port), status=201)
return response
